Lucene search

K

Gentoo FoundationMGASA-2013-0347

HistoryNov 22, 2013 - 11:09 p.m.

Updated wireshark packages fix multiple vulnerabilities

2013-11-2223:09:07

Gentoo Foundation

advisories.mageia.org

16

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.012

Percentile

85.1%

Updated wireshark packages fix security vulnerabilities: The IEEE 802.15.4 dissector could crash (CVE-2013-6336). The NBAP dissector could crash (CVE-2013-6337). The SIP dissector could crash (CVE-2013-6338). The OpenWire dissector could go into a large loop (CVE-2013-6339). The TCP dissector could crash (CVE-2013-6340).

OSVersionArchitecturePackageVersionFilename
Mageia2noarchwireshark< 1.8.11-1wireshark-1.8.11-1.mga2
Mageia3noarchwireshark< 1.8.11-1wireshark-1.8.11-1.mga3

References

www.wireshark.org/docs/relnotes/wireshark-1.8.11.html

www.wireshark.org/news/20131101.html

bugs.mageia.org/show_bug.cgi?id=11579

www.wireshark.org/security/wnpa-sec-2013-61.html

www.wireshark.org/security/wnpa-sec-2013-62.html

www.wireshark.org/security/wnpa-sec-2013-63.html

www.wireshark.org/security/wnpa-sec-2013-64.html

www.wireshark.org/security/wnpa-sec-2013-65.html

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.012

Percentile

85.1%

Related for MGASA-2013-0347

nessus17 openvas16 fedora3 securityvulns2 debian3 veracode7 redhat1 centos1 amazon1 oraclelinux1 gentoo1 ubuntucve5 debiancve5 nvd5 cvelist5 cve5 prion5 osv2